Re: CVE-2018-1050 and CVE-2018-1057 for samba
On Wed, Mar 14, 2018 at 10:07:40AM +0100, Mathieu Parent wrote:
> 2018-03-14 10:00 GMT+01:00 Paul Wise <pabs@debian.org>:
> > On Wed, Mar 14, 2018 at 4:42 PM, Mathieu Parent wrote:
> >
> >> See the attached patch for CVE-2018-1050 on samba 3.6. CVE-2018-10507
> >> is on the AD DC code which is not part of samba 3.6.
> >
> > A beta of samba 4 is also in wheezy:
> >
> > https://packages.debian.org/source/wheezy/samba4
>
> It should be removed from supported packages IMO.
Already happened a long time ago, this package was modified to only
build some client libs (IIRC needed for Openchange), but doesn't
ship the server parts:
https://packages.qa.debian.org/s/samba4/news/20140416T220212Z.html
Cheers,
Moritz
Reply to: